@joclaim/attestor-core 0.2.0 → 0.2.3

package/src/scripts/generate-provider-types.ts

@@ -1,121 +0,0 @@
-import { readdir, readFile, writeFile } from 'fs/promises'
-import { compile } from 'json-schema-to-typescript'
-import { parse } from 'yaml'
-
-const PROVIDER_SCHEMAS_PATH = './provider-schemas'
-const GEN_TS_FILENAME = './src/types/providers.gen.ts'
-const BinaryDataType = 'BinaryData'
-
-async function main() {
-	const folders = await findAllProviderFolders()
-
-	console.log(`Generating for ${folders.length} provider folders`)
-
-	let ts = '/* eslint-disable */\n/* Generated file. Do not edit */'
-	// json-schema nor ajv support uint8array formats,
-	// so we define a custom type for binary data
-	// and use it in the generated types
-	ts += `\n\ntype ${BinaryDataType} = Uint8Array | string\n`
-	// type map of each provider to its parameters and secret parameters
-	let providerTypeMap = '\nexport interface ProvidersConfig {\n'
-	// schema map of each provider to its parameters and secret parameters
-	// storing the JSON schema in the map
-	// lets us validate the parameters and secret parameters
-	let providerSchemaMap = '\nexport const PROVIDER_SCHEMAS = {\n'
-
-	for(const folder of folders) {
-		const {
-			schemaTitle: paramsSchemaTitle,
-			ts: paramsSchemaTs,
-			jsonTitle: paramsJsonTitle
-		} = await generateTsFromYamlSchema(folder, 'parameters')
-		const {
-			schemaTitle: secretParamsSchemaTitle,
-			ts: secretParamsSchemaTs,
-			jsonTitle: secretParamsJsonTitle
-		} = await generateTsFromYamlSchema(
-			folder,
-			'secret-parameters'
-		)
-
-		ts += `\n${paramsSchemaTs}\n${secretParamsSchemaTs}`
-		providerTypeMap += `	${folder}: {\n`
-		providerTypeMap += `		parameters: ${paramsSchemaTitle}\n`
-		providerTypeMap += `		secretParameters: ${secretParamsSchemaTitle}\n`
-		providerTypeMap += '	}\n'
-
-		providerSchemaMap += `	${folder}: {\n`
-		providerSchemaMap += `		parameters: ${paramsJsonTitle},\n`
-		providerSchemaMap += `		secretParameters: ${secretParamsJsonTitle}\n`
-		providerSchemaMap += '	},\n'
-	}
-
-	providerTypeMap += '}\n'
-	providerSchemaMap += '}\n'
-	ts += providerTypeMap
-	ts += providerSchemaMap
-
-	await writeFile(GEN_TS_FILENAME, ts)
-	console.log(`Wrote to ${GEN_TS_FILENAME}`)
-}
-
-async function getJsonSchemaForProvider(
-	name: string,
-	type: 'parameters' | 'secret-parameters'
-) {
-	const paramsYaml = await readFile(
-		`${PROVIDER_SCHEMAS_PATH}/${name}/${type}.yaml`,
-		{ encoding: 'utf-8' }
-	)
-	const paramsJson = parse(paramsYaml)
-	return paramsJson
-}
-
-export async function generateTsFromYamlSchema(
-	name: string,
-	type: 'parameters' | 'secret-parameters'
-) {
-	const paramsJson = await getJsonSchemaForProvider(name, type)
-	let paramsSchemaTs = await compile(
-		paramsJson,
-		'',
-		{
-			additionalProperties: false,
-			bannerComment: '',
-			ignoreMinAndMaxItems: true,
-			declareExternallyReferenced: false,
-			customName({ type, format }) {
-				if(type === 'string' && format === 'binary') {
-					return BinaryDataType
-				}
-
-				return undefined
-			},
-		}
-	)
-
-	const jsonTitle = `${paramsJson.title}Json`
-	paramsSchemaTs += `\nexport const ${jsonTitle} = ${JSON.stringify(paramsJson)}`
-
-	return {
-		ts: paramsSchemaTs,
-		schemaTitle: paramsJson.title,
-		jsonTitle
-	}
-}
-
-/**
- * Find all provider folders in the provider-schemas directory
- * @returns {Promise<string[]>} List of provider folder names
- */
-async function findAllProviderFolders() {
-	const providerFolders = await readdir(
-		PROVIDER_SCHEMAS_PATH,
-		{ withFileTypes: true }
-	)
-	return providerFolders
-		.filter(p => p.isDirectory())
-		.map(p => p.name)
-}
-
-void main()

package/src/scripts/generate-receipt.ts

@@ -1,138 +0,0 @@
-import { setCryptoImplementation } from '@joclaim/tls'
-import { webcryptoCrypto } from '@joclaim/tls/webcrypto'
-import { readFile } from 'fs/promises'
-import type { WebSocketServer } from 'ws'
-import '#src/server/utils/config-env.ts'
-
-import type {
-	ProviderName,
-	ProviderParams,
-	ProviderSecretParams } from '#src/index.ts'
-import {
-	API_SERVER_PORT,
-	createClaimOnAttestor,
-	getAttestorClientFromPool,
-	getTranscriptString,
-	logger,
-	providers,
-	WS_PATHNAME,
-} from '#src/index.ts'
-import { getCliArgument } from '#src/scripts/utils.ts'
-import { createServer, decryptTranscript } from '#src/server/index.ts'
-import { assertValidateProviderParams } from '#src/server/utils/validation.ts'
-import { getEnvVariable } from '#src/utils/env.ts'
-
-setCryptoImplementation(webcryptoCrypto)
-
-type ProviderReceiptGenerationParams<P extends ProviderName> = {
-    name: P
-    params: ProviderParams<P>
-    secretParams: ProviderSecretParams<P>
-}
-
-// tmp change till we move OPRF attestor to prod
-const DEFAULT_ATTESTOR_HOST_PORT = 'ws://localhost:8001/ws'
-const PRIVATE_KEY_HEX = getEnvVariable('PRIVATE_KEY_HEX')
-	// demo private key
-	|| '0x0123788edad59d7c013cdc85e4372f350f828e2cec62d9a2de4560e69aec7f89'
-
-let server: WebSocketServer | undefined
-
-export async function main<T extends ProviderName>(
-	receiptParams?: ProviderReceiptGenerationParams<T>
-) {
-	const paramsJson = receiptParams ?? (await getInputParameters())
-	if(!(paramsJson.name in providers)) {
-		throw new Error(`Unknown provider "${paramsJson.name}"`)
-	}
-
-	assertValidateProviderParams<'http'>(paramsJson.name, paramsJson.params)
-
-	let attestorHostPort = getCliArgument('attestor')
-        || DEFAULT_ATTESTOR_HOST_PORT
-	if(attestorHostPort === 'local') {
-		console.log('starting local attestor server...')
-		server = await createServer()
-		attestorHostPort = `ws://localhost:${API_SERVER_PORT}${WS_PATHNAME}`
-	}
-
-	const zkEngine = getCliArgument('zk') === 'gnark' ? 'gnark' : 'snarkjs'
-	const { request, error, claim } = await createClaimOnAttestor({
-		name: paramsJson.name,
-		secretParams: paramsJson.secretParams,
-		params: paramsJson.params,
-		ownerPrivateKey: PRIVATE_KEY_HEX,
-		client: { url: attestorHostPort },
-		logger,
-		zkEngine
-	})
-
-	if(error) {
-		console.error('claim creation failed:', error)
-	} else {
-		const ctx = claim?.context
-			? JSON.parse(claim.context)
-			: {}
-		console.log(`receipt is valid for ${paramsJson.name} provider`)
-		if(ctx.extractedParameters) {
-			console.log('extracted params:', ctx.extractedParameters)
-		}
-	}
-
-
-	if(!request) {
-		throw new Error('Missing request in claim')
-	}
-
-	const decTranscript = await decryptTranscript(
-		request?.transcript,
-		logger,
-		zkEngine,
-		request?.fixedServerIV,
-		request?.fixedClientIV
-	)
-	const transcriptStr = getTranscriptString(decTranscript)
-	console.log('receipt:\n', transcriptStr)
-	console.log('claim:\n', claim)
-
-	const client = getAttestorClientFromPool(attestorHostPort)
-	await client.terminateConnection()
-
-}
-
-// eslint-disable-next-line @typescript-eslint/no-explicit-any
-async function getInputParameters(): Promise<ProviderReceiptGenerationParams<any>> {
-	const paramsJsonFile = getCliArgument('json')
-	if(!paramsJsonFile) {
-		const name = getCliArgument('name')
-		const paramsStr = getCliArgument('params')
-		const secretParamsStr = getCliArgument('secretParams')
-		if(!name || !paramsStr || !secretParamsStr) {
-			throw new Error('Either provide --json argument for parameters JSON or provide separately with --name, --params & --secretParams')
-		}
-
-		return {
-			name,
-			params: JSON.parse(paramsStr),
-			secretParams: JSON.parse(secretParamsStr)
-		}
-	}
-
-	let fileContents = await readFile(paramsJsonFile, 'utf8')
-	for(const variable in process.env) {
-		fileContents = fileContents.replace(
-			`{{${variable}}}`,
-            process.env[variable]!
-		)
-	}
-
-	return JSON.parse(fileContents)
-}
-
-main()
-	.catch(err => {
-		console.error('error in receipt gen', err)
-	})
-	.finally(() => {
-		server?.close()
-	})

package/src/scripts/generate-toprf-keys.ts

@@ -1,30 +0,0 @@
-import { ethers } from 'ethers'
-
-import { logger, makeDefaultOPRFOperator } from '#src/utils/index.ts'
-
-const ENGINE = 'gnark'
-const TOTAL_KEYS = 10
-const THRESHOLD = 1
-
-async function main() {
-	const op = makeDefaultOPRFOperator('chacha20', ENGINE, logger)
-	const {
-		publicKey,
-		privateKey,
-		shares
-	} = await op.generateThresholdKeys(TOTAL_KEYS, THRESHOLD)
-	logEnvValue('TOPRF_PUBLIC_KEY', publicKey)
-	logEnvValue('TOPRF_PRIVATE_KEY', privateKey)
-
-	for(const [i, share] of shares.entries()) {
-		console.log(`# Share ${i}`)
-		logEnvValue('TOPRF_SHARE_PUBLIC_KEY', share.publicKey)
-		logEnvValue('TOPRF_SHARE_PRIVATE_KEY', share.privateKey)
-	}
-}
-
-function logEnvValue(name: string, value: Uint8Array) {
-	console.log(`${name}=${ethers.utils.hexlify(value)}`)
-}
-
-void main()

package/src/scripts/jsc-cli-rpc.ts

@@ -1,48 +0,0 @@
-// eslint-disable-next-line simple-import-sort/imports
-import '#src/external-rpc/jsc-polyfills/index.ts'
-
-import { setCryptoImplementation } from '@joclaim/tls'
-import { pureJsCrypto } from '@joclaim/tls/purejs-crypto'
-
-import { handleIncomingMessage } from '#src/external-rpc/index.ts'
-import { B64_JSON_REVIVER } from '#src/utils/b64-json.ts'
-
-function readIncomingMsg(): JSCIncomingMsg {
-	const cmd = readline()
-	return JSON.parse(cmd, B64_JSON_REVIVER)
-}
-
-setCryptoImplementation(pureJsCrypto)
-
-print('Input base URL for attestor')
-const initCmd = readIncomingMsg()
-if(initCmd.type !== 'init') {
-	throw new Error('Expected init command')
-}
-
-globalThis.RPC_CHANNEL_NAME = 'cli'
-globalThis.ATTESTOR_BASE_URL = initCmd.attestorBaseUrl
-const channel: AttestorRPCChannel = {
-	postMessage(message) {
-		print(message)
-	},
-}
-
-globalThis[RPC_CHANNEL_NAME] = channel
-
-print('reading RPC messages...')
-
-let cmd: JSCIncomingMsg
-while(cmd = readIncomingMsg(), cmd.type !== 'quit') {
-	if(cmd.type === 'init') {
-		continue
-	}
-
-	handleIncomingMessage(cmd)
-	// give 500ms to do some async work
-	await new Promise((resolve) => {
-		setTimeout(resolve, 500)
-	})
-}
-
-print('done')

package/src/scripts/register-avs-operator.ts

@@ -1,5 +0,0 @@
-// eslint-disable-next-line simple-import-sort/imports
-import 'src/server/utils/config-env'
-import { registerOperator } from '#src/avs/utils/register.ts'
-
-void registerOperator()

package/src/scripts/start-server.ts

@@ -1,17 +0,0 @@
-import { setCryptoImplementation } from '@joclaim/tls'
-import { webcryptoCrypto } from '@joclaim/tls/webcrypto'
-import '#src/server/utils/config-env.ts'
-
-import { getApm } from '#src/server/utils/apm.ts'
-getApm()
-
-setCryptoImplementation(webcryptoCrypto)
-
-async function main() {
-	// importing dynamically to allow APM to inject
-	// into modules before they are used
-	const { createServer } = await import('#src/server/index.ts')
-	return createServer()
-}
-
-main()

package/src/scripts/update-avs-metadata.ts

@@ -1,26 +0,0 @@
-// eslint-disable-next-line simple-import-sort/imports
-import 'src/server/utils/config-env'
-import { getContracts } from '#src/avs/utils/contracts.ts'
-import { getCliArgument } from '#src/scripts/utils.ts'
-
-async function main() {
-	const { contract } = getContracts()
-
-	const minSignaturesPerTask = getCliArgument('minSignaturesPerTask')
-	if(!minSignaturesPerTask) {
-		throw new Error(
-			'Provide operator address via --minSignaturesPerTask <num>'
-		)
-	}
-
-	const tx = await contract.updateTaskCreationMetadata({
-		minSignaturesPerTask: +(minSignaturesPerTask || 0),
-		maxTaskCreationDelayS: 0,
-		maxTaskLifetimeS: 0,
-	})
-	await tx.wait()
-
-	console.log('Updated task creation metadata')
-}
-
-void main()

package/src/scripts/utils.ts

@@ -1,8 +0,0 @@
-export function getCliArgument(arg: string) {
-	const index = process.argv.indexOf(`--${arg}`)
-	if(index === -1) {
-		return undefined
-	}
-
-	return process.argv[index + 1]
-}

package/src/scripts/whitelist-operator.ts

@@ -1,22 +0,0 @@
-// eslint-disable-next-line simple-import-sort/imports
-import 'src/server/utils/config-env'
-import { getContracts } from '#src/avs/utils/contracts.ts'
-import { getCliArgument } from '#src/scripts/utils.ts'
-
-async function main() {
-	const { contract } = getContracts()
-
-	const address = getCliArgument('address')
-	if(!address) {
-		throw new Error(
-			'Provide operator address via --address <addr>'
-		)
-	}
-
-	const tx = await contract.whitelistAddressAsOperator(address, true)
-	await tx.wait()
-
-	console.log('Whitelisted address:', address)
-}
-
-void main()

package/src/server/create-server.ts

@@ -1,169 +0,0 @@
-import type { IncomingMessage } from 'http'
-import { createServer as createHttpServer } from 'http'
-import serveStatic from 'serve-static'
-import type { Duplex } from 'stream'
-import type { WebSocket } from 'ws'
-import { WebSocketServer } from 'ws'
-
-import { API_SERVER_PORT, BROWSER_RPC_PATHNAME, WS_PATHNAME } from '#src/config/index.ts'
-import { handleProviderApiRequest } from '#src/server/provider-api.ts'
-import { handleSessionApiRequest } from '#src/server/session-api.ts'
-import { AttestorServerSocket } from '#src/server/socket.ts'
-import { getAttestorAddress } from '#src/server/utils/generics.ts'
-import { addKeepAlive } from '#src/server/utils/keep-alive.ts'
-import type { BGPListener } from '#src/types/index.ts'
-import { createBgpListener } from '#src/utils/bgp-listener.ts'
-import { getEnvVariable } from '#src/utils/env.ts'
-import { logger as LOGGER } from '#src/utils/index.ts'
-import { SelectedServiceSignatureType } from '#src/utils/signatures/index.ts'
-import { promisifySend } from '#src/utils/ws.ts'
-
-const PORT = +(getEnvVariable('PORT') || API_SERVER_PORT)
-const DISABLE_BGP_CHECKS = getEnvVariable('DISABLE_BGP_CHECKS') === '1'
-
-/**
- * Creates the WebSocket API server,
- * creates a fileserver to serve the browser RPC client,
- * and listens on the given port.
- */
-export async function createServer(port = PORT) {
-	const http = createHttpServer()
-	const serveBrowserRpc = serveStatic(
-		'browser',
-		{
-			index: ['index.html'],
-			setHeaders(res) {
-				res.setHeader('Access-Control-Allow-Origin', '*')
-			},
-		}
-	)
-	const bgpListener = !DISABLE_BGP_CHECKS
-		? createBgpListener(LOGGER.child({ service: 'bgp-listener' }))
-		: undefined
-
-	const wss = new WebSocketServer({ noServer: true })
-	http.on('upgrade', handleUpgrade.bind(wss))
-	http.on('request', (req, res) => {
-		// CORS headers for all requests
-		res.setHeader('Access-Control-Allow-Origin', '*')
-		res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
-		res.setHeader('Access-Control-Allow-Headers', 'Content-Type')
-
-		// Handle CORS preflight
-		if(req.method === 'OPTIONS') {
-			res.statusCode = 204
-			res.end()
-			return
-		}
-
-		// Session API routes
-		if(req.url?.startsWith('/api/sdk/') || req.url?.startsWith('/session/')) {
-			handleSessionApiRequest(req, res)
-			return
-		}
-
-		// Logs endpoint (accepts POST, returns 200)
-		if(req.url?.startsWith('/api/logs')) {
-			const chunks: Buffer[] = []
-			req.on('data', (chunk: Buffer) => chunks.push(chunk))
-			req.on('end', () => {
-				LOGGER.debug({ source: 'sdk-logs' }, 'received sdk log dump')
-				res.statusCode = 200
-				res.setHeader('Content-Type', 'application/json')
-				res.end('{"success":true}')
-			})
-			return
-		}
-
-		// Provider API routes
-		if(req.url?.startsWith('/api/providers')) {
-			handleProviderApiRequest(req, res)
-			return
-		}
-
-		// simple way to serve files at the browser RPC path
-		if(!req.url?.startsWith(BROWSER_RPC_PATHNAME)) {
-			res.statusCode = 404
-			res.end('Not found')
-			return
-		}
-
-		req.url = req.url.slice(BROWSER_RPC_PATHNAME.length) || '/'
-
-		serveBrowserRpc(req, res, (err) => {
-			if(err) {
-				LOGGER.error(
-					{ err, url: req.url },
-					'Failed to serve file'
-				)
-			}
-
-			res.statusCode = err?.statusCode ?? 404
-			res.end(err?.message ?? 'Not found')
-		})
-	})
-
-	// wait for us to start listening
-	http.listen(port)
-	await new Promise<void>((resolve, reject) => {
-		http.once('listening', () => resolve())
-		http.once('error', reject)
-	})
-
-	wss.on('connection', (ws, req) => handleNewClient(ws, req, bgpListener))
-
-	LOGGER.info(
-		{
-			port,
-			apiPath: WS_PATHNAME,
-			browserRpcPath: BROWSER_RPC_PATHNAME,
-			signerAddress: getAttestorAddress(SelectedServiceSignatureType)
-		},
-		'WS server listening'
-	)
-
-	const wssClose = wss.close.bind(wss)
-	wss.close = (cb) => {
-		wssClose(() => http.close(cb))
-		bgpListener?.close()
-	}
-
-	return wss
-}
-
-async function handleNewClient(
-	ws: WebSocket,
-	req: IncomingMessage,
-	bgpListener: BGPListener | undefined
-) {
-	promisifySend(ws)
-	const client = await AttestorServerSocket.acceptConnection(
-		ws,
-		{ req, bgpListener, logger: LOGGER }
-	)
-	// if initialisation fails, don't store the client
-	if(!client) {
-		return
-	}
-
-	ws.serverSocket = client
-	addKeepAlive(ws, LOGGER.child({ sessionId: client.sessionId }))
-}
-
-function handleUpgrade(
-	this: WebSocketServer,
-	request: IncomingMessage,
-	socket: Duplex,
-	head: Buffer
-) {
-	const { pathname } = new URL(request.url!, 'wss://base.url')
-
-	if(pathname === WS_PATHNAME) {
-		this.handleUpgrade(request, socket, head, (ws) => {
-			this.emit('connection', ws, request)
-		})
-		return
-	}
-
-	socket.destroy()
-}